What Are Common Embezzlement Schemes?

There are six areas of risk frequently capitalized upon by embezzlers. While these areas of risk are not the only ones containing “embezzlement windows of opportunity”, these are the areas that offer the most significant sources of exposure to your company and what lead to various embezzlement schemes. What are common embezzlement schemes?

What Are the Six Areas of Embezzlement Risk?

For our purposes Embezzlement Schemes are defined as misuse or misappropriation:

Misuse is abuse of privilege or position without a specific intent to steal.

Misappropriation is the taking of funds or property with a specific intent to steal.

Implementing policies and procedures reduces your risk of embezzlement, limits employee opportunities to embezzle, and can stop these common embezzlement schemes from happening at your company. Let’s start by defining the areas of embezzlement risk.

(1) Cash Embezzlement

The most frequently-identified examples of common embezzlement schemes involving cash are:

• Holding cash from a transaction instead of placing the cash in a cash container (e.g., register, vault or safe);
• Taking cash from an unsecured “petty cash” container;
• Taking cash from unsecured personal items left on the premises (e.g., wallet, purse, briefcase, backpack);
• “Short-changing” customers at the time of the transaction;
• Refunding stolen items for cash;
• Cashing stolen and forged documents for a confederate; and
• Theft of cash from another employee’s work area.

Common embezzlement schemes are most often committed by line personnel (both new and experienced), and by their immediate supervisors. The most effective accounting manuals template for preventing these crimes are:

• Developing and enforcing written policies and procedures governing cash handling and cash station security;
• Requiring strict dual control over cash drawers and keys;
• Secure all containers used to store or transfer cash;
• Require that all refunds be approved by a supervisor and that the refund of more than a small dollar amount be accomplished by a company check instead of cash;
• Conducting frequent, unannounced cash counts;
• Rotating tasks among personnel at unpredictable intervals;
• Requiring all employees to remain off the company’s premises for at least five (5) uninterrupted business days annually.

(2) Embezzling Negotiable Documents Issued or Sold By the Company

The most frequently-identified examples of negotiable document embezzlement are the negotiation of;

• Refund authorizations;
• Unauthorized use of credit and debit memos to manipulate accounts;
• Money orders;
• Forgeries;
• Travelers checks;
• The company’s official checks.

These types of common embezzlement schemes are committed by all levels of employees, often using documents that are stolen and forged; negotiated after reported void; or negotiated after payee and/or amounts are altered. The most effective methods for preventing this type of common embezzlement schemes is by:

• Developing and enforcing written policies and procedures governing document storage, inventory and handling, and cash station security;
• Requiring strict dual control over negotiable documents, including checks, refund authorizations and credit and debit memos;
• Requiring that all negotiable documents be ordered from a single printer by one person, with a supervisor’s approval, and received by a person other than the person who placed the order;
• Conducting frequent, unannounced audits;
• Rotating tasks among personnel at unpredictable intervals;
• Requiring all employees to remain off the company’s premises for at least five (5) uninterrupted business days annually.

(3) Account Credit Embezzlement

The most frequently-identified examples of credit embezzlement involves the manipulation or creation of:

• Inactive or dormant accounts, particularly senior citizen, foreign customer and conservator ship accounts;
• Unauthorized transfers between general ledger accounts;
• “Ghost” employees for payroll fraud;
• Loans and lines of credit for fictitious borrowers;
• Deposit accounts for fictitious persons or entities to receive stolen or forged checks;
• Deposit accounts for check kiting.

These types of common embezzlement schemes are committed by all levels of employees, and require the manipulation of account information; generation of phony accounts; or the use of fictitious identities. These crimes may also require the co-operation of personnel working at other companies. The most effective internal controls for preventing common embezzlement schemes are by:

• Developing and enforcing written policies governing the opening and handling of all types of accounts;
• Requiring strict dual control procedures, including the involvement of a supervisor in every account adjustment request;
• Develop a triggering device to alert management when a dormant account (90 days or older) has been accessed for any type of activity;
• Rotating tasks among personnel at unpredictable intervals; and
• Having all credit and other account activity independently reviewed frequently by selected individuals or by a committee.

(4) Embezzling Delivered or Received Items

The most frequently-identified examples of common embezzlement crimes involving items delivered or received include the conversion of:

• Money paid against a “layaway” purchase;
• Property by placing items in the company’s garbage for retrieval by a confederate;
• Property by misusing an “employee discount privilege” to benefit friends and others;
• Raw materials and scrap used in the production process;
• Stocks and bonds;
• Items held in trust;
• Negotiable instruments; and
• Equipment and supplies.

These types of embezzling schemes are committed by all levels of employees and involve the taking or misapplication of instruments or other property delivered to the company. In addition to product inventory, these items are often intended to be used as collateral or to be held for safekeeping. The most effective embezzlement prevention procedures for preventing these crimes are by:

• Developing and enforcing written policies governing the shipping, receiving and storing of all instruments or other property;
• Developing and enforcing written policies governing the shipping, receiving and storing of items held for safekeeping or as collateral;
• Requiring strict dual control procedures for all property transfers from one department/facility to another;;
• Insuring that the company’s garbage is inaccessible to non-employees and that periodic inspections are conducted prior to employees leaving the premises;
• Requiring that items purchased by employees are opened and inspected before the employee leaves the premises;
• Establishing and monitoring a comprehensive receipt system;
• Designating and equipping a secure storage facility;
• Rotating tasks among personnel at unpredictable intervals;
• Conducting frequent and unannounced audits of instruments and other property received by the company;
• Requiring all employees to remain off the company’s premises for at least five (5) uninterrupted business days annually.

(5) Wire Transfer Embezzlement

The most frequently-identified examples of wire transfer crimes involve the manipulation or alteration of:

• The company’s own accounts or transfer instructions; and
• Faxed transfer instructions received from an unauthorized source; and
• Customer accounts or transfer instructions falsified by an employee.

These crimes are committed by employees who are either assigned to the wire transfer function, or who coordinate the theft with another employee who is assigned to the wire transfer function. Theft by wire transfer may also be committed by an external source, often based on information made available by an internal source.

The most effective methods for preventing such embezzlement plans is by:

• Developing and enforcing written policies governing all wire transfer operations;
• Requiring strict dual control procedures, including the involvement of employees designated as “receiver”, “sender” and “validator”;
• Establishing, monitoring and frequently changing a comprehensive password system, with each employee accessing the system being assigned a separate and confidential personal identification number (PIN) to be used for all transactions;
• Rotating tasks among personnel at unpredictable intervals;
• Conducting periodic, unannounced reviews of transfer documents by an independent person or group;
• Frequently auditing the person(s) responsible for assigning passwords;
• Establishing a reasonable security procedure agreeable to both the sender and recipient; and
• Requiring all employees to remain off the company’s premises for at least five (5) uninterrupted business days annually.

(6) Computer Embezzlement

The most frequently-identified examples of cybercrime are computer embezzlement involve the manipulation or employment of:

• Customer account information to “skim” the account for resale, or other criminal use;
• “Salami” or “trap door” techniques, to “skim” a small amount of money from each transaction processed, electronically transferring the amount to another account;
• “Data diddling” schemes to alter the manner in which a computer program works, or to neutralize control mechanisms;
• “Trojan horse” programs, to insert extra commands into a computer program, causing the computer to perform authorized and unauthorized functions simultaneously; and
• “Logic bomb” commands, or a set of instructions programmed to perform various functions at appropriate or periodic times. This technique is used to shift funds, erase data, or shut down the entire system at a given time.

These computer crimes are committed by employee embezzlers who are either assigned to the data processing function, or who coordinate the theft with another employee who is assigned to the data processing function. Computer frauds are committed by means of unauthorized access to, or manipulation of, a computer system by either internal or external sources. The criminal’s goal is to transfer or credit funds to his/her accounts, to transfer title to property, or to impair the ability of the company to conduct business.

The most effective methods for preventing computer crimes are by developing and enforcing written computer system security policies and procedure that require the company to:

• Properly identify and document persons accessing any system, either by direct access or by modem;
• Control access to information by assigning passwords to every person authorized to access the system, even if the system is only a personal computer;
• Routinely monitor employees’ work and levels of access;
• Notify appropriate persons of unauthorized activities; and
• Routinely audit and document system controls and integrity.
• Requiring strict dual control procedures;
• Rotating accounting, inventory and backup tasks among personnel at unpredictable intervals;
• Conducting periodic, unannounced reviews of activity logs by an independent person or committee;
• Frequently auditing the person(s) responsible for assigning the passwords and maintaining the system; and
• Requiring all employees to remain off the company’s premises for at least five (5) uninterrupted business days annually.

There are six areas of embezzlement risk that may be used to commit common embezzlement schemes. These are the areas that offer the most significant sources of exposure to your company: By containing “embezzlement windows of opportunity” with internal controls, you can significantly reduce the exposure your company has to embezzlement fraud.

Common Embezzlement Schemes

Embezzlement Prevention Manual

Although the number of methods used to commit the financial crime of embezzlement is only limited by the embezzler’s imagination, there are a number of techniques that are considered the most common embezzlement schemes used by embezzlers. Is your accounting management system open to fraud? It may be more open than you think. Employees may misuse or misappropriate funds or property in a variety of ways.

1. Using company assets for personal gain

• Using the company’s telephones, copy machines, and mail services for personal business.
• Using the company’s equipment, machinery, vehicles, supplies, and computer programs for personal business.
• Using the company’s expense accounts and credit cards to pay for personal expenses.
• Creating cash loans from one’s own area of control to pay personal expenses on a temporary basis.

2. Stealing company assets

• Wiring funds from the company’s or customers’ accounts to secret personal accounts.
• Stealing cash or negotiable documents from another employee’s area of control.
• Creating “ghost” or non-existent employees for the company’s accounting system for payroll purposes.
• Converting titles to “double-ordered”, abandoned or stored company property, then selling the property; Burglarizing the company’s premises, dual-custody containers, and safety deposit boxes.

3. Forging or altering company’s documents

Particularly signature cards at financial institutions, powers of attorney, money orders, travelers and cashier’s checks made payable to the company.

4. Manipulating account balances

Using on-line computer systems, and making “adjustments” to accounts, particularly dormant accounts is a from of cybercrime requiring businesses to improve cybersecurity.

5. Hiding assets

Merchandise, cash, computer data and account information can be hidden in the company’s garbage container for retrieval by a confederate.

6. Establishing fictitious accounts

This includes phony loans, lines of credit, and other related types of credit frauds.

7. Accepting and holding favors

Holding “favorite customers” and employees’ post-dated checks, until they can make a corresponding deposit to the paying financial institution, for a fee.

8. Assisting a friends in operating credit for a fee

Assisting a customer or another employee in operating credit, interest and check kites, and “bust-out” schemes, for a fee.

9. Short-changing customers during any transaction.

Not counting out exact change correctly is obvious, but a ticket taker can take your ticket and then resell it later.

10. Secret unsecured, personal loans from “favorite customers”

Your cedit policy may not allow loans to favorite customers, but do you have the checks and balances in place and have your tested your internal controls to make sure they are working?

Areas of Embezzlement Risk and Common Embezzlement Schemes

Although the number of methods used to commit the financial crime of embezzlement is only limited by the embezzler’s imagination, this listing highlights embezzlement risks and the techniques most frequently used in common embezzlement schemes. So what can you do about embezzlement?

Use the Embezzlement Prevention Guide to reduce your exposure to waste, fraud, and abuse of the financial assets in your company. You can also download Free Policies and Procedures to see how easy it is to edit MS Word Templates to build your own policy and procedure management system.